Hello

I have 2 DNS servers:
alpha.xvihost.net <-- Cpanel box is PRIMARY dns
beta.xvihost.net <-- ISPConfig box want it to be SECONDARY dns

Beta box is recently setup by following "The perfect setup centos 4.4 and ISPConfig" here on howto forge. I want to do the same with alpha and make it an ISPConfig box too. However I need to get all the DNS records off alpha onto beta so I can take down alpha and rebuild it.

My Question:
1. How do I get the two boxes talking to each other so that beta has all the same DNS records as alpha so I can take alpha off-line and rebuild it?

Regards
Russ

If the alpha box is based on bind and bind is configured to allow zone transfers, then set beta as secondary nemeserver for the domains on alpha. Now add for every domain a secondary DNS record in ISPConfig on beta, bind will then transfer the domain details from alpha to beta automatically when everythin is configured correctly and zone transfers are allowed to beta.

If the alpha box is based on bind and bind is configured to allow zone transfers, then set beta as secondary nemeserver for the domains on alpha. Now add for every domain a secondary DNS record in ISPConfig on beta, bind will then transfer the domain details from alpha to beta automatically when everythin is configured correctly and zone transfers are allowed to beta.


If the alpha box is based on bind >>
Yes I do believe that cpanel uses bind.

Then set beta as secondary nameserver for the domains on alpha>>
Okay I did that and added an A record on alpha

Now add for every domain a secondary DNS record in ISPConfig on beta>>
Done

Till said:
bind will then transfer the domain details from alpha to beta automatically when everythin is configured correctly and zone transfers are allowed to beta.


How do I knw this is working?

Russ

Check your secondary server with the following command executed locally on the beta server.

dig @localhost yourdomain.com

Check your secondary server with the following command executed locally on the beta server.

dig @localhost yourdomain.com


okay I used putty to connect and I ran the command. Here is what I got:
# dig @localhost stmat.org
<<>> DiG 9.2.4 <<>> @localhost stmat.org
(1 server found)
global options: printcmd
Got Answer:
->>HEADER<<- opcode:QUERY, status:SERVFAIL, id:44699
flags qr rd ra; QUERY 1, ANSWER 0. AUTHORITY: 0, ADDITIONAL 0

QUESTION SECTION:
stmat.org IN A



Okay what does that mean? Did it work?

Russ

It means that bind is not running on localhost, which is your secondary / beta host.

I'm not familiar with CentOS, so can't tell you exactly where the log file is, but usually you'll find and error for bind/named in /var/log/messages.

It means that bind is not running on localhost, which is your secondary / beta host.


Okay I checked and bind is running for sure. I even restarted it just to be double sure. However when I opened up /var/log/messages I saw something interesting:

alpha DNS server the CPanel box is 207.150.182.162
It looks like beta DNS server is attempting to grab the DNS records but is getting permission denied.


Feb 9 10:33:38 beta named[23939]: transfer of 'soundkave.com/IN' from 207.150.182.162#53: end of transfer
Feb 9 10:33:38 beta named[23939]: dumping master file: tmp-XXXXtLvsOg: open: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'ymtoolbox.com/IN' from 207.150.182.162#53: failed while receiving responses: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'ymtoolbox.com/IN' from 207.150.182.162#53: end of transfer
Feb 9 10:33:38 beta named[23939]: dumping master file: tmp-XXXXrrk9Ek: open: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'barkett.xvihost.org/IN' from 207.150.182.162#53: failed while receiving responses: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'barkett.xvihost.org/IN' from 207.150.182.162#53: end of transfer
Feb 9 10:33:38 beta named[23939]: dumping master file: tmp-XXXXNzPPxo: open: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'cpweb.org/IN' from 207.150.182.162#53: failed while receiving responses: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'cpweb.org/IN' from 207.150.182.162#53: end of transfer
Feb 9 10:33:38 beta named[23939]: dumping master file: tmp-XXXXiOcNss: open: permission denied
Feb 9 10:33:38 beta named[23939]: transfer of 'ourfrienddavidrowe.com/IN' from 207.150.182.162#53: failed while receiving responses: permission denied

Okay so it was a permission problem.

dumping master file: tmp-XXXXrrk9Ek: open: permission denied

I must have made a mistake in the setup when I set the permissions for the chrooted dns so I went back and redid the permissions:
chmod 755 /var/named/
chmod 775 /var/named/chroot/
chmod 775 /var/named/chroot/var/
chmod 775 /var/named/chroot/var/named/
chmod 775 /var/named/chroot/var/run/
chmod 777 /var/named/chroot/var/run/named/

I then restarted named and saw this in /var/log/messages:

Feb 9 21:50:59 beta named[4286]: starting BIND 9.2.4 -u named -t /var/named/chroot
Feb 9 21:50:59 beta named[4286]: using 1 CPU
Feb 9 21:50:59 beta named[4286]: loading configuration from '/etc/named.conf'
Feb 9 21:50:59 beta named[4286]: listening on IPv4 interface lo, 127.0.0.1#53
Feb 9 21:50:59 beta named[4286]: listening on IPv4 interface eth0, 207.150.182.163#53
Feb 9 21:50:59 beta named[4286]: command channel listening on 127.0.0.1#953
Feb 9 21:50:59 beta named[4286]: command channel listening on ::1#953
Feb 9 21:50:59 beta named[4286]: zone 0.0.127.in-addr.arpa/IN: loaded serial 1997022700
Feb 9 21:50:59 beta named[4286]: zone 182.150.207.in-addr.arpa/IN: loaded serial 2007020502
Feb 9 21:50:59 beta named[4286]: zone limowebwiz.com/IN: loaded serial 2007020502
Feb 9 21:50:59 beta named: named startup succeeded
Feb 9 21:50:59 beta named[4286]: running
Feb 9 21:50:59 beta named[4286]: zone limowebwiz.com/IN: sending notifies (serial 2007020502)
Feb 9 21:50:59 beta named[4286]: zone 182.150.207.in-addr.arpa/IN: sending notifies (serial 2007020502)
Feb 9 21:50:59 beta named[4286]: zone drjosepinto.com/IN: transferred serial 2006120701
Feb 9 21:50:59 beta named[4286]: transfer of 'drjosepinto.com/IN' from 207.150.182.162#53: end of transfer
Feb 9 21:50:59 beta named[4286]: zone drjosepinto.com/IN: sending notifies (serial 2006120701)
Feb 9 21:51:00 beta named[4286]: lame server resolving 'beta.xvihost.net' (in 'xvihost.net'?): 207.150.182.163#53
Feb 9 21:51:00 beta named[4286]: zone agdgammabeta.com/IN: transferred serial 2006040301
Feb 9 21:51:00 beta named[4286]: transfer of 'agdgammabeta.com/IN' from 207.150.182.162#53: end of transfer
Feb 9 21:51:00 beta named[4286]: zone agdgammabeta.com/IN: sending notifies (serial 2006040301)
Feb 9 21:51:00 beta named[4286]: zone connectingpoints.com/IN: transferred serial 2006072901
Feb 9 21:51:00 beta named[4286]: transfer of 'connectingpoints.com/IN' from 207.150.182.162#53: end of transfer
Feb 9 21:51:00 beta named[4286]: zone connectingpoints.com/IN: sending notifies (serial 2006072901)

Now it works like a charm!

I did :
#dig @localhost stmat.org

; <<>> DiG 9.2.4 <<>> @localhost stmat.org
; (1 server found)
;; global options: printcmd
;; Got answer:
;; ->>HEADER<<- opcode: QUERY, status: NOERROR, id: 16527
;; flags: qr aa rd ra; QUERY: 1, ANSWER: 1, AUTHORITY: 2, ADDITIONAL: 2

;; QUESTION SECTION:
;stmat.org. IN A

;; ANSWER SECTION:
stmat.org. 14400 IN A 207.150.182.165

;; AUTHORITY SECTION:
stmat.org. 14400 IN NS alpha.xvihost.net.
stmat.org. 14400 IN NS beta.xvihost.net.

;; ADDITIONAL SECTION:
beta.xvihost.net. 172334 IN A 207.150.182.163
alpha.xvihost.net. 13936 IN A 207.150.182.162

;; Query time: 1 msec
;; SERVER: 127.0.0.1#53(127.0.0.1)
;; WHEN: Fri Feb 9 21:58:46 2007
;; MSG SIZE rcvd: 125



So it is working right I think. Hopefully this will help someone else.

Regards
Russ